mattbald
2008-10-23, 08:03
Hopefully someone out there is able to help. One of or PC's appears to be infected with Virtumonde.
I am running Spybot 1.6.0.31 on Windows XP Sp2.
Tere is no apparent issues with the PC, but Spybot is picking up that there is 2 registry keys that are infected.
1-
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Help Objects\{number}
2-
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{number}
I have tried simply deleting the keys, but they re-appear with a new number at the end.
Let me know if you need me to post any HJT (or anything else) logs, or if you need any further info.
Any help is greatly appeciated.
Matt
I am running Spybot 1.6.0.31 on Windows XP Sp2.
Tere is no apparent issues with the PC, but Spybot is picking up that there is 2 registry keys that are infected.
1-
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Help Objects\{number}
2-
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{number}
I have tried simply deleting the keys, but they re-appear with a new number at the end.
Let me know if you need me to post any HJT (or anything else) logs, or if you need any further info.
Any help is greatly appeciated.
Matt